California – Facebook is being sued over claims it has been scanning users’ private messages for personal information to sell to advertisers.
The social networking site is accused of monitoring messages and website links sent between users so they can profile what people read online.
This in turn allows the website to charge more for the information.
It is thought the information has special value because people are more likely to reveal their true interests in messages that are private.
The alleged breach of privacy has been exposed by internet experts, who monitored whether messages that Facebook insists are private were actually being monitored.
The claim relates to messages sent directly to a friend’s inbox, rather than posted on a public profile wall.
Many people use private messages to send friends links to other websites, such as news articles or shopping sites.
Facebook apparently tracked such messages to collect data on the interests of users.
Advertising agencies and marketing companies are then allegedly sold this information so they can build up profiles of a person’s interests, and target them accordingly.
If the linked web page has a “like” button, Facebook will activate this so any company “liked” will see the person is interested in their products.
Google, Yahoo! and Linked-In are among six companies facing accusations of intercepting communications for profit. The allegations have been made in a US lawsuit taken out by Matthew Campbell, from Arkansas, and Michael Hurley, from Oregon.
They are seeking compensation of either $100 (R1 000) for each day the practice has gone on, or $10 000 for each of the US users who have had messages intercepted.
They claim Facebook’s breach of privacy violates the Electronic Communications Privacy Act and California privacy and unfair competition laws.
While the case only covers users in the US, it is believed Facebook members worldwide have been affected.
Swiss information security firm High-Tech Bridge researched their claims by sending links through the private messaging services of 50 social media sites. Experts checked to see which were then clicked on by the sites – showing they had been tracked.
But computer expert Graham Cluley said: “I don’t see anything necessarily wrong in principle with online services automatically scanning messages between individuals, and examining the links that they are sharing.
“If Facebook’s security team didn’t have such systems in place I would believe them to be disturbingly lax in their duty of care for users.”
A Facebook spokesman said: “We believe the allegations are without merit and will defend ourselves vigorously.”
The site previously paid $20m to members who claimed in 2011 that it had used data without consent.
Daily Mail